Breaking the Stream Ciphers F-FCSR-H and F-FCSR-16 in Real Time

The F-FCSR stream cipher family was presented a few years ago. Apart from some flaws in the initial proposals, corrected at a later stage, there are no known weaknesses in the core of these algorithms. Two variants, F-FCSR-H and F-FCSR-16, were proposed in the eSTREAM project, and F-FCSR-H v2 is one of the ciphers selected for the eSTREAM portfolio. In this paper we present a new and severe cryptanalytic attack on the F-FCSR stream cipher family. We give the details of the attack when applied to F-FCSR-H v2 and F-FCSR-16. The attack requires a few Mbytes of received keystream, and its complexity is low enough for the attack to be performed on a single PC within seconds.
